SACRED's vs. credentials' protection requirements [Was: RE: I-D ACTION:draft-ietf-sacred-reqs-00.txt]



I'd like to ask a general question about scope.  Credentials in their
"native" formats, before presentation to a SACRED protocol for transport,
may vary widely in terms of the levels of protection they incorporate.  Some
may be plaintext, others may be protected with secrets having password-level
entropy, and others may be protected with strong cryptographic keys.  It
seems clear, e.g., that the level of confidentiality protection functionally
required within a SACRED protocol is stronger for credentials provided to
SACRED as plaintext than for credentials which are already
strongly-encrypted.  Should we specify that the level of protection required
to be active within SACRED may vary depending on the characteristics of
credentials being input to SACRED?

Under 3.1, it's probably hard to come up with an accurate and exhaustive set
of vulnerabilities; one which seems to be missing is the case of
masquerading as a credential server in order to directly obtain a password
which can then be presented by the attacker to the user's legitimate
credential server.  (V2 concerns dictionary attack, but here there isn't
even any dictionary involved.)

--jl